In December I had the opportunity to present at the 2016 BIOMEDevice conference as part of the Embedded Systems Conference (ESC) in San Jose. Because of my experience with medical devices and cloud-based software development and many years as a systems and embedded software engineer, the topic chosen was how to address common errors in Cloud-connected medical device systems development.
Here are some of the best practices I shared – these are all very important when developing this type of system.
1. Protect data during transport and at rest
Data is at risk any time it is on a public channel, whether in the air between a device and a smartphone, on a wire between servers, or moving between locations within a mobile device. Encrypt it fully to preserve privacy as well as security. Unencrypted data is an invitation to a man-in-the-middle attack, and medical device data is especially sensitive. Data stored on cloud servers must also be encrypted (and de-identified as necessary) to guard against hacking.
2. Provide both scalability and load balancing
Scalability for your cloud implementation must be provided in many dimensions, since stress on your system can originate from many different sources. Robust scaling and load balancing will keep your system performant.
3. Design for failure
In the Cloud, if it can happen, it will. Failover, rollback and recovery systems don’t happen without pre-planning and pre-implementation. This is where your DevOps team will shine, but they will need automated systems to do their best work.
4. Make deployment strategies part of the design
If it’s important to be able to fix your bugs (and you know it is), then create a modular design that can be upgraded without taking your system down. Otherwise, you’ll have to deal with the problem that plagued a large online retailer in the early 2000s – they were losing a little money on each transaction from a bug in their system, but couldn’t upgrade the system – so the bug became a cost of doing business.
5. Know your Cloud Services Provider and your Service Level Agreement
Your project team will determine project success. Make sure your Cloud Services Provider (CSP) is the right one for your project, and that you form a partnership with them to the extent possible. The Service Level Agreement (SLA) will help you determine the best choice for your CSP, because it will lay out in detail what is and is not covered by the provider.
These five best practices can improve your outcomes in cloud-connected medical device development, but be aware that they are just the beginning. Medical device systems development in the Cloud requires careful planning and consistent use of best practices. Be thorough and methodical to achieve your best results.
We have posted a recording of the complete 2016 BIOMEDevice presentation for you to view here. The presentation provides additional best practices and high-level development approaches to assist in avoiding pitfalls associated with Cloud-connected medical device development and to increase the likelihood of your future success.